Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hUIDurXk1aKRkOYTcRQR17xxB0Q.roa
File: hUIDurXk1aKRkOYTcRQR17xxB0Q.roa (raw, json)
Hash identifier: 8jyX4BC+TYAv+DM+CzBgE3y4es+4EDMGjiMbmUgkJAM=
Subject key identifier: 85:42:03:BA:B5:E4:D5:A2:91:90:E6:13:71:14:11:D7:BC:71:07:44
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019748FD6DFD0997941161DCF97AFD093B55
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hUIDurXk1aKRkOYTcRQR17xxB0Q.roa
Signing time: Sat 07 Jun 2025 06:04:17 +0000
ROA not before: Sat 07 Jun 2025 06:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
2001:67c:64:ffff:0:197:48fd:5d6e/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 07 Jun 2025 06:14:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:fd:6d:fd:09:97:94:11:61:dc:f9:7a:fd:09:3b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 7 06:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=854203bab5e4d5a29190e613711411d7bc710744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:35:d4:e7:7e:89:81:0c:84:f8:e0:33:9b:b8:
bb:82:fc:dd:0b:fc:57:15:af:d8:7f:f5:09:10:da:
84:b9:70:6c:16:e6:b6:cc:bb:4b:db:2e:09:1e:88:
45:37:0a:4b:98:95:6d:5c:3e:11:7c:cf:52:0e:a3:
d7:9d:e9:58:82:bd:38:22:79:47:fb:0e:6a:93:d7:
36:f7:49:7e:b7:11:0a:60:08:17:7b:86:9f:25:22:
5f:f8:e8:65:e6:23:d5:2e:a0:31:e0:93:38:02:4d:
76:93:7f:b2:90:7a:de:cf:e8:72:34:83:fb:55:ce:
5c:d1:7f:d9:ce:ec:67:73:f5:70:4d:9a:6d:fd:7c:
8f:0b:58:8a:3c:02:a4:8c:d0:9b:37:93:d3:52:ca:
dd:6b:02:c6:60:a0:1f:ea:8e:9c:0a:bf:d1:f8:c0:
0d:01:a5:fe:0f:12:72:4f:24:ad:16:80:ef:29:92:
2b:0e:c1:29:b4:8e:de:b1:ef:a4:9a:81:c3:5e:53:
8e:4e:64:9d:25:1c:11:ce:49:c7:65:60:36:59:1d:
5c:b7:44:d6:b7:3b:e0:d7:77:d1:fd:1f:38:39:7f:
58:dc:2a:e6:92:40:22:95:11:94:8a:fa:82:87:35:
12:c5:49:53:92:55:df:8b:f8:03:3f:2d:dd:a2:57:
c6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:42:03:BA:B5:E4:D5:A2:91:90:E6:13:71:14:11:D7:BC:71:07:44
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hUIDurXk1aKRkOYTcRQR17xxB0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
2001:67c:64:ffff:0:197:48fd:5d6e/128
Signature Algorithm: sha256WithRSAEncryption
b7:28:b4:e0:5a:cd:e7:ee:e4:0e:54:f9:f8:f9:4a:0e:ae:d4:
f2:56:d7:7e:a9:a8:64:da:3b:78:b8:86:18:49:98:86:ad:64:
f8:2f:12:98:dc:6b:c0:90:92:e8:51:15:6a:d0:ef:ec:0b:4c:
4a:4e:cc:d9:91:6b:2f:f8:be:d6:95:6d:94:e6:47:fa:0e:14:
16:e2:c4:7a:22:cd:44:da:bd:2a:fe:2a:51:c9:f5:4c:b8:73:
6d:61:79:2b:cc:33:95:c6:7e:2b:56:5d:90:d3:87:f6:55:9a:
e9:43:5d:0c:f4:92:ea:be:b6:53:a7:a3:a5:c8:0e:81:67:f6:
7e:af:09:5d:95:6c:22:02:e3:6a:55:29:40:65:1a:b8:a2:5f:
c6:31:98:43:a2:56:2b:65:4b:82:18:4d:8f:14:6d:3b:97:c6:
f6:62:79:22:c8:6f:fa:39:14:9d:8a:00:f4:9b:6f:21:58:46:
5f:87:d9:f8:6b:14:f7:1b:c2:d2:95:9b:c9:91:f2:ff:d7:92:
99:59:27:8b:3b:7e:9f:53:82:11:ef:9e:76:c8:d1:fb:11:47:
24:38:c5:0a:22:31:68:d5:e5:bf:87:d1:71:42:d5:60:b7:8d:
af:2d:33:b2:73:d9:d3:00:f4:a9:7b:ef:c4:8d:ee:62:f2:b4:
97:c8:e0:97
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZdI/W39CZeUEWHc+Xr9CTtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA3MDYwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQyMDNiYWI1ZTRkNWEyOTE5MGU2MTM3MTE0MTFkN2JjNzEwNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDXU536JgQyE+OAzm7i7gvzdC/xX
Fa/Yf/UJENqEuXBsFua2zLtL2y4JHohFNwpLmJVtXD4RfM9SDqPXnelYgr04InlH
+w5qk9c290l+txEKYAgXe4afJSJf+Ohl5iPVLqAx4JM4Ak12k3+ykHrez+hyNIP7
Vc5c0X/Zzuxnc/VwTZpt/XyPC1iKPAKkjNCbN5PTUsrdawLGYKAf6o6cCr/R+MAN
AaX+DxJyTyStFoDvKZIrDsEptI7ese+kmoHDXlOOTmSdJRwRzknHZWA2WR1ct0TW
tzvg13fR/R84OX9Y3CrmkkAilRGUivqChzUSxUlTklXfi/gDPy3dolfGDwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFIVCA7q15NWikZDmE3EUEde8cQdEMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvaFVJRHVyWGsxYUtSa09ZVGNSUVIxN3h4QjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBlBAIAAjBfAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kQMRACABBnwAZP//AAABl0j9XW4wDQYJKoZIhvcN
AQELBQADggEBALcotOBazefu5A5U+fj5Sg6u1PJW136pqGTaO3i4hhhJmIatZPgv
Epjca8CQkuhRFWrQ7+wLTEpOzNmRay/4vtaVbZTmR/oOFBbixHoizUTavSr+KlHJ
9Uy4c21heSvMM5XGfitWXZDTh/ZVmulDXQz0kuq+tlOno6XIDoFn9n6vCV2VbCIC
42pVKUBlGriiX8YxmEOiVitlS4IYTY8UbTuXxvZieSLIb/o5FJ2KAPSbbyFYRl+H
2fhrFPcbwtKVm8mR8v/XkplZJ4s7fp9TghHvnnbI0fsRRyQ4xQoiMWjV5b+H0XFC
1WC3ja8tM7Jz2dMA9Kl778SN7mLytJfI4Jc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:37:14 2025 by rpki-client